Abstract

The increased ability to copy and distribute information, knowledge, and entertainment in the digitally networked age has provoked a series of responses. In order to gain back control, copyright holders have made use of so-called technological protection measures (TPM) - including, for instance, Digital Rights Management (DRM) schemes - that are aimed at regulating the copying, distribution, and use of and access to digital works through code ("code is law"). Activists, in turn, have immediately taken counter-measures and designed tools that enable the hacking of technological protection measures such as copy and access controls. In response, law makers at both the international and national level have enacted legal provisions aimed at banning the act of circumvention of TPM on the one hand and the production and dissemination of circumvention tools on the other hand. Prominent examples of such legislation, among others, are the WIPO Internet Treaties (WCT art. 11 and WPPT art. 18), the Digital Millennium Copyright Act (DMCA sec. 1201), the European Copyright Directive (EUCD, art. 6 and art. 8), and the respective implementations of the EUCD into the laws of EU Member States.

Against this backdrop, this paper takes it as its baseline that many countries have already enacted legislation or will soon legislate on TPM in order to comply either with international obligations under WIPO, or with international free trade agreements involving a party that has powerful content industries such as the U.S. Thus, the immediate question before us is no longer whether the second and third layer of protection of digital works is appropriate or viable. Rather, at this stage, attention should be drawn to the alternative design choices that remain with countries that face the challenge of drafting or revisiting a legal regime aimed at protecting TPM. Consequently, the purpose of this paper is to identify different legislative and regulatory approaches and to discuss them in the light of previous experiences with TPM legislation in the U.S. and in Europe. Ultimately, the paper seeks to formulate basic design (or best practice) principles and to sketch the contours of a model law that aims to foster innovation in the digitally networked environment and minimize frequently observed spillover effects of TPM legislation.